Dark Reading

Java Security 'Fix' Is Disguised Malware Attack

Beware any Java security update that you don't download directly from Oracle's website. The malware may be encountered when visiting websites that have been compromised with a crimeware toolkit and ...
TheServerSide

How JSR-375 simplifies and standardizes Java EE security

When leafing through the pages of the recently ratified JSR-375, the new Java EE Security API, it's amusing how quickly the reading of the spec turns into an exercise of uttering to yourself, ...
Threat Post

Mixed Reviews on Oracle’s Java Security Update

Oracle announced enhancements to Java security around signed applets and certificate validation, but experts such as HD Moore want to see more work done to beef up the Java sandbox. Oracle is working ...
adtmag.com

Older Versions Threaten Java Security; Experts Weigh In

Bit9 released a report last week underscoring the ongoing security risk to the enterprise posed by outdated versions of Java still up and running on company machines -- versions of the platform with ...